| created | 2018-12-27T19:42:16Z |
|---|---|
| begin | 2018-07-13T00:00:00Z |
| end | 2018-07-14T00:00:00Z |
| path | src/sys |
| commits | 11 |
| date | 2018-07-13T05:25:24Z | |||
|---|---|---|---|---|
| author | tb | |||
| files | src/sys/arch/amd64/conf/GENERIC.MP | log | diff | annotate |
| message |
zap some garbage that snuck in. spotted by kevlo |
|||
| date | 2018-07-13T05:56:57Z | |||
|---|---|---|---|---|
| author | guenther | |||
| files | src/sys/lib/libkern/arch/amd64/ffs.S | log | diff | annotate |
| src/sys/lib/libkern/arch/amd64/strchr.S | log | diff | annotate | |
| src/sys/lib/libkern/arch/amd64/strlen.S | log | diff | annotate | |
| message |
Use _ALIGN_TRAPS instead of _ALIGN_TEXT where nops aren't needed. ok deraadt@ |
|||
| date | 2018-07-13T07:22:55Z | |||
|---|---|---|---|---|
| author | phessler | |||
| files | src/sys/net80211/ieee80211_node.c | log | diff | annotate |
| message |
Some more checks before auto-join switches networks. Make sure all of the crypto options the AP announces matches what we would configure. While here, don't switch if the user has specified a specific BSSID, and the new AP does not match. OK stsp@ |
|||
| date | 2018-07-13T08:10:45Z | |||
|---|---|---|---|---|
| author | deraadt | |||
| files | src/sys/arch/i386/conf/Makefile.i386 | log | diff | annotate |
| message | repair inconsistancies | |||
| date | 2018-07-13T08:10:56Z | |||
|---|---|---|---|---|
| author | deraadt | |||
| files | src/sys/arch/amd64/conf/Makefile.amd64 | log | diff | annotate |
| message | repair inconsistancies | |||
| date | 2018-07-13T08:30:34Z | |||
|---|---|---|---|---|
| author | sf | |||
| files | src/sys/arch/amd64/amd64/codepatch.c | log | diff | annotate |
| src/sys/arch/amd64/amd64/mainbus.c | log | diff | annotate | |
| src/sys/arch/amd64/conf/ld.script | log | diff | annotate | |
| src/sys/arch/amd64/include/codepatch.h | log | diff | annotate | |
| message |
Disable codepatching infrastructure after boot This way, it is not available for use in ROP attacks. This diff puts the codepatching code into a separate section and unmaps that section after boot. In the future, the memory could potentially be reused but that would require larger changes. ok pguenther@ |
|||
| date | 2018-07-13T08:51:15Z | |||
|---|---|---|---|---|
| author | bluhm | |||
| files | src/sys/net/bpf.c | log | diff | annotate |
| message |
Some USB network interfaces like rum(4) report ENXIO from their ioctl function after the device has been pulled out. Also accept this error code in bpf_detachd() to prevent a kernel panic. tcpdump(8) may run while the interface is detached. from Moritz Buhl; OK stsp@ |
|||
| date | 2018-07-13T09:25:22Z | |||
|---|---|---|---|---|
| author | beck | |||
| files | src/sys/conf/files | log | diff | annotate |
| message |
Unveiling unveil(2). This brings unveil into the tree, disabled by default - Currently this will return EPERM on all attempts to use it until we are fully certain it is ready for people to start using, but this now allows for others to do more tweaking and experimentation. Still needs to send the unveil's across forks and execs before fully enabling. Many thanks to robert@ and deraadt@ for extensive testing. ok deraadt@ |
|||
| date | 2018-07-13T09:25:23Z | |||
|---|---|---|---|---|
| author | beck | |||
| files | src/sys/kern/init_sysent.c | log | diff | annotate |
| src/sys/kern/kern_exec.c | log | diff | annotate | |
| src/sys/kern/kern_exit.c | log | diff | annotate | |
| src/sys/kern/kern_fork.c | log | diff | annotate | |
| src/sys/kern/kern_pledge.c | log | diff | annotate | |
| src/sys/kern/kern_unveil.c | log | diff | annotate | |
| src/sys/kern/syscalls.c | log | diff | annotate | |
| src/sys/kern/syscalls.master | log | diff | annotate | |
| src/sys/kern/vfs_lookup.c | log | diff | annotate | |
| src/sys/kern/vfs_subr.c | log | diff | annotate | |
| src/sys/kern/vfs_syscalls.c | log | diff | annotate | |
| src/sys/sys/namei.h | log | diff | annotate | |
| src/sys/sys/pledge.h | log | diff | annotate | |
| src/sys/sys/proc.h | log | diff | annotate | |
| src/sys/sys/syscall.h | log | diff | annotate | |
| src/sys/sys/syscallargs.h | log | diff | annotate | |
| src/sys/sys/vnode.h | log | diff | annotate | |
| message |
Unveiling unveil(2). This brings unveil into the tree, disabled by default - Currently this will return EPERM on all attempts to use it until we are fully certain it is ready for people to start using, but this now allows for others to do more tweaking and experimentation. Still needs to send the unveil's across forks and execs before fully enabling. Many thanks to robert@ and deraadt@ for extensive testing. ok deraadt@ |
|||
| date | 2018-07-13T09:36:00Z | |||
|---|---|---|---|---|
| author | beck | |||
| files | src/sys/kern/vfs_syscalls.c | log | diff | annotate |
| message |
Make the default failure for unveil while disabled return success so that people don't get screwed when playing with it on their machines |
|||
| date | 2018-07-13T13:47:41Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/kern/kern_unveil.c | log | diff | annotate |
| message | unbreak gcc4 build | |||